package com.mgface.framework.springboot.web;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.mgface.framework.security.SBDSecurity;

@RestController
public class SBDSecurityController {
	private final static Logger log = LogManager.getLogger(SBDSecurityController.class);	
	@Autowired
	private SBDSecurity sbdSecurity;
	@Autowired
	private ApplicationContext context;

	//private Authentication authentication;

	@RequestMapping("/security")
	public String holo() {
		log.info("applicationContext信息:{}",context);
		// AuthenticationManager authenticationManager =
		// this.context.getBean(AuthenticationManager.class);
		// this.authentication = authenticationManager.authenticate(new
		// UsernamePasswordAuthenticationToken("user", "password"));
		// SecurityContextHolder.getContext().setAuthentication(this.authentication);
		// return sbdSecurity.authorized();
		SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("user", "password",
				AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER")));
		try {
			return this.sbdSecurity.secure();
		} finally {
			SecurityContextHolder.clearContext();
		}
	}
}
